Remember the TV show that voted you off if you were the weakest link? A number of studies have concluded that the person at the keyboard is your weakest link and the greatest data security threat. In fact employees were the number one cause of data breaches in small and mid-sized businesses accounting for over 48% of all incidents. Usually the breach was due to an innocent mistake because employees often lack basic awareness of data security and how hackers work. Employee education is one of the most important things you can do to lower the potential of security breaches.
Awareness training on the security risks that employees face every day is a good start. A recent Hartford blog discussed that social engineering (Could Your Own Employees Make Your Business More Hackable?) is a growing threat for small businesses whereby hackers pose as a trusted source in need of confidential data. Through phishing, employees are invited to click on a link that without their knowledge installs a virus on their computer. Now that the hacker is in, it is only a matter of time before they spring the trap. This could be monitoring transactions until the time is right to redirect funds, theft of confidential information or ransomware that will hold your computer hostage until the required ransom is paid.
To prevent employees from falling into these traps, advise them to:
1. Confirm the legitimacy of the source before giving out confidential information
2. Never open attachments from people they don’t know
3. Avoid suspicious links in emails, websites and online ads
4. Be careful what you post on social media or your website